{{hreflangTags}}
Log in Start Free
Inbox Roadmap Changelog Pricing
Log in
🇬🇧🇭🇷🇸🇮

Privacy Policy

Last updated: December 2024

Introduction

At Damper, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our feedback collection platform.

Data Controller

Damper is the data controller responsible for your personal data. If you have questions about this policy or our data practices, please contact us at privacy@damper.io.

Data We Collect

We collect different types of information depending on how you interact with our service:

Account Data

When you register, we collect your email address, name, company name, and password. We also store your notification preferences and account settings.

Feedback Data

We store feedback submissions, feature requests, bug reports, votes, and comments submitted through your feedback widget and dashboard.

Visitor Data

We collect information about visitors who use the feedback widget on your website, including their name (if provided), email (if provided), and user tier for weighted voting.

Analytics Data

We use PostHog (with EU data hosting) to collect anonymized usage analytics to improve our service, including feature usage, performance metrics, and error tracking.

How We Use Your Data

We use your personal data for the following purposes:

  • To provide and maintain our feedback collection service
  • To generate AI-powered roadmap suggestions (optional feature)
  • To send you important service notifications
  • To improve and personalize your experience
  • To process payments via Stripe (for paid plans)

Legal Basis for Processing

Under GDPR Article 6, we process your data based on:

  • Contract - Processing necessary to fulfill our service agreement with you
  • Consent - For AI features and marketing communications, where you've given explicit consent
  • Legitimate Interest - For analytics and service improvement, balanced against your privacy rights

Third-Party Processors

We share data with the following trusted third parties who process data on our behalf:

  • PostHog - Product analytics with EU data hosting (eu.posthog.com). Anonymized usage data only.
  • Stripe - Payment processing for paid subscriptions. Handles payment card data directly.
  • Railway - EU-based infrastructure hosting for our API and database.
  • Cloudflare - Content delivery and DDoS protection for our dashboard and website.

Data Retention

We retain your data for as long as your account is active. Feedback and voting data is retained based on your plan. When you delete your account, we schedule permanent deletion after a 30-day grace period, during which you can reactivate your account.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access - You can request a copy of all personal data we hold about you
  • Right to Rectification - You can update or correct your personal data at any time
  • Right to Erasure - You can request deletion of your account and all associated data
  • Right to Data Portability - You can export your data in a machine-readable JSON format
  • Right to Object - You can object to processing based on legitimate interests

To exercise these rights, visit your Settings page in the dashboard and use the Account section, or contact us at privacy@damper.io.

International Data Transfers

All your data is stored and processed within the European Union. We do not transfer personal data outside the EU/EEA. Our infrastructure providers (Railway, Cloudflare) maintain EU data centers, and our analytics provider (PostHog) uses their EU hosting option.

Security Measures

We implement industry-standard security measures including encryption in transit (TLS 1.3), encryption at rest, secure password hashing, and regular security audits. Access to personal data is restricted to authorized personnel only.

Children's Privacy

Our service is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email and update the "Last updated" date. Continued use of our service after changes constitutes acceptance of the updated policy.

Contact Us

For privacy-related questions or to exercise your data rights, contact our Data Protection team at privacy@damper.io. You also have the right to lodge a complaint with your local data protection authority.